Ever-resourceful hackers are looking towards new means of retrieving data from businesses, exploiting security holes in backup software to gain access to a company's most sensitive data.
According to a CNN story, security holes in backup software from two manufacturers which together have a third of the backup market, could provide hackers with a means of getting hold of company documents.
The concerns over this are twofold. Firstly, the data most likely to be backed up is going to be a company's most precious data, if nothing else. That means if a hacker does get through security holes in backup software, they have access to, at the very least, the most sensitive files. Secondly, it would seem system administrators don't see such an urgency in updating backup software, taking up to three times as long to patch-up, compared to software that is more commonly considered vulnerable to exploitation.
Let's face it, when you think about vulnerable software, you think about something that connect to the Internet, be it e-mail server software or a web browser. Why would an admin bother rushing to update some software seemingly unimportant to hackers? They're probably far too busy patching Internet Explorer, reinstalling Mozilla Firefox (again) and other such fulfilling tasks.
Other applications causing concerns include media players, with malformed audio content potentially allowing hackers access to a user's computer. Winamp has over the last few months been updated more than once to fix security flaws, for example.
Hackers will target whatever they can to gain access to a computer or a network. The moment the general consensus is that software x isn't in urgent need of update is the moment that a hacker finds a way of exploiting that complacency. Sysadmins, stay vigilant, stay patched.
